Paid ransom to have the hijacked data destroyed by the cybercriminals @ Blackbaud and Blackbaud Inc.

In July 2020, the company, which provides hundreds of non-profits and educational facilities with customer relationship management services, disclosed that they had suffered a ransomware attack. More than 120 education and third-sector organisations m...

Data breach affected millions over 10 months @ Wawa, Inc.

In December 2019, the company disclosed the discovery of malware on their payment processing servers affecting likely all of its locations. The company immediately engaged an external forensics firm and notified law enforcement (which was publicly dec...

Regulator reporting tool hacked possibly for insider trading purposes @ US Securities and Exchange Commission

In September 2017, the top US markets regulator disclosed that hackers had infiltrated its database that stores company financial filings which potentially allowed hackers to trade on inside information. The hackers exploited a software vulnerability...

Hackers accessed computers with sensitive records of 4.5 million people @ The University of California, Los Angeles and UCLA

In July 2015, the university disclosed a bad actor had accessed parts of their network that contained the personal information of 4.5 million individuals. At that time it was the fourth-biggest healthcare data breach of all time. There were "indicati...

45 million users affected by breach on more than 1,100 websites @ VerticalScope Inc.

In June 2016, the company disclosed a security issue that was being investigated by their internal security team. At that time, it was one of the largest data breaches ever ranking sixth according to security researcher Troy Hunt. In February 2016...

Let us do the analysis so you can make the decisions

Premier risk-driven analysis

All our analysis is overseen some of the leading members of the risk community and includes lessons learnt, controls environment and root cause analysis. Learn more...

High-quality structured cyber dataset

Key attributes of each case - such as threat actor, costs incurred, failed controls etc. - are captured through the Global Cyber Event Taxonomy Learn more...

Consulting & training services

Our case studies have provided us with unique insights into the challenges faced and strategies implemented by organisations countering cyber security threats. Learn more...